Medium severity6.1NVD Advisory· Published Jun 1, 2018· Updated Jun 17, 2026
CVE-2018-5521
CVE-2018-5521
Description
On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.
Affected products
2- F5, Inc./Big Ip (ltm, Aam, Afm, Analytics, Apm, Asm, DNS, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator)cpe-rescueRange: 12.1.0-12.1.3.1
Patches
Vulnerability mechanics
References
2- www.securitytracker.com/id/1041021nvdThird Party AdvisoryVDB Entry
- support.f5.com/csp/article/K23124150nvdVendor Advisory
News mentions
0No linked articles in our index yet.